CVE-2025-24054 vulnerability in Microsoft Products
Published on March 11, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

Vendor Advisory NVD

Known Exploited Vulnerability

This Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.

The following remediation steps are recommended / required by May 8, 2025: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2025-24054 is exploitable with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

Products Associated with CVE-2025-24054

You can be notified by stack.watch whenever vulnerabilities like CVE-2025-24054 are published in these products:

Microsoft Windows Server 2008

Microsoft Windows Server 2012

Microsoft Windows 10 1507

Microsoft Windows 10

Microsoft Windows 11

Microsoft Windows Server 2016

Microsoft Windows Server 2019

Microsoft Windows 11 23h2

Microsoft Windows 11 24h2

Microsoft Windows Server 2022

Microsoft Windows Server 2022 23h2

Microsoft Windows Server 2025

What versions are vulnerable to CVE-2025-24054?

Microsoft Windows Server 2008 Version r2 sp1 x64
Microsoft Windows Server 2012 Version r2
Microsoft Windows Server 2012 Version -
Microsoft Windows 10 1507 Fixed in Version 10.0.10240.20947 x64
Microsoft Windows 10 1507 Fixed in Version 10.0.10240.20947 x86
Microsoft Windows 10 1607 Fixed in Version 10.0.14393.7876 x64
Microsoft Windows 10 1607 Fixed in Version 10.0.14393.7876 x86
Microsoft Windows 10 1809 Fixed in Version 10.0.17763.7009 x64
Microsoft Windows 10 1809 Fixed in Version 10.0.17763.7009 x86
Microsoft Windows Server 2016 Fixed in Version 10.0.14393.7876
Microsoft Windows Server 2019 Fixed in Version 10.0.17763.7009
Microsoft Windows 10 21h2 Fixed in Version 10.0.19044.5608 arm64
Microsoft Windows 10 21h2 Fixed in Version 10.0.19044.5608 x64
Microsoft Windows 10 21h2 Fixed in Version 10.0.19044.5608 x86
Microsoft Windows 10 22h2 Fixed in Version 10.0.19045.5608 arm64
Microsoft Windows 10 22h2 Fixed in Version 10.0.19045.5608 x64
Microsoft Windows 10 22h2 Fixed in Version 10.0.19045.5608 x86
Microsoft Windows 11 22h2 Fixed in Version 10.0.22621.5039 arm64
Microsoft Windows 11 22h2 Fixed in Version 10.0.22621.5039 x64
Microsoft Windows 11 23h2 Fixed in Version 10.0.22631.5039 arm64
Microsoft Windows 11 23h2 Fixed in Version 10.0.22631.5039 x64
Microsoft Windows 11 24h2 Fixed in Version 10.0.26100.3403 arm64
Microsoft Windows 11 24h2 Fixed in Version 10.0.26100.3403 x64
Microsoft Windows Server 2022 Fixed in Version 10.0.20348.3270
Microsoft Windows Server 2022 23h2 Fixed in Version 10.0.25398.1486
Microsoft Windows Server 2025 Fixed in Version 10.0.26100.3403

CVE-2025-24054 vulnerability in Microsoft ProductsPublished on March 11, 2025

Known Exploited Vulnerability

Vulnerability Analysis

Products Associated with CVE-2025-24054

What versions are vulnerable to CVE-2025-24054?

CVE-2025-24054 vulnerability in Microsoft Products
Published on March 11, 2025